----- Original Message ----- From: "CERT Advisory" <[email protected]> To: <[email protected]> Sent: Wednesday, March 19, 2003 7:53 PM Subject: CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines
> > > -----BEGIN PGP SIGNED MESSAGE----- > > CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines > > Original release date: March 19, 2003 > Last revised: -- > Source: CERT/CC > snip... > > GNU glibc > > Version 2.3.1 of the GNU C Library is vulnerable. Earlier versions are > also vulnerable. The following patches have been installed into the > CVS sources, and should appear in the next version of the GNU C > Library. These patches are also available from the following URLs: Does this affect: libstdc++2.10-glibc2.2 glibc-2.2.5-11.2 If so are the patches in the pipeline? Apologies if I have missed a posting - unfortunately the volume of recent off-topic messages has resulted in my heavy filtering of debian-security. Regards Jeff
